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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Original) An encryption method for providing both data confidentiality and 
integrity for a message, comprising the steps of: 

receiving an input plaintext string comprising a message and padding it as necessary 
such that its length is a multiple of I bits; 

partitioning the input plaintext string a length that is a multiple of £ bits into a 
plurality of equal-size blocks of t bits in length; 

creating an MDC block of £ bits in length that includes the result of applying a non- 
cryptographic Manipulation Detection Code (MDC) function to the plurality of the equal-size 
blocks; 

making one and only one processing pass with a single cryptographic primitive over 
each of said equal-size blocks and the MDC block to create a plurality of hidden ciphertext 
blocks each of £ bits in length; and 

performing a randomization function over said plurality of hidden ciphertext blocks to 
create a plurality of output ciphertext blocks each of I bits in length. 

2. (Original) The method as defined in claim 1, comprising the steps of: 
wherein said making one and only one processing pass step comprises processing each 

of said equal-size blocks and the MDC block by an encryption scheme that is confidentiality- 
secure against chosen-plaintext attacks, wherein each of said equal-size blocks and the MDC 
block is processed by a block cipher using a first secret key to obtain said plurality of hidden 
ciphertext blocks; and 

wherein said performing a randomization function step comprises combining each of 
said hidden ciphertext blocks with a corresponding element of a sequence of unpredictable 
elements to create a set of output blocks of the ciphertext, wherein a hidden ciphertext block 
identified by an index i is combined with the element of the sequence identified by index i by 
an operation that has an inverse. 
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3. (Original) The method as defined in claim 2, wherein said creating an MDC 
block step comprises: 

applying the non-cryptographic MDC function to the partitioned plaintext blocks; and 
combining the result with a secret, I -bit random vector generated on a per-message 
basis to obtain said MDC block. 

4. (Currently amended) The method as defined in claim 3, wherein said 
combining step comprises performing the combination using a[an] bit-wise exclusive-or 
function. 

5. (Original) The method as defined in claim 3, comprising the step of 
generating said secret random vector from a secret random number generated on a per- 
message basis. 

6. (Original) The method as defined in claim 2, further comprising the step of 
appending the created MDC block after a last block of the set of equal-sized blocks 
comprising the padded plaintext string. 

7. (Original) The method as defined in claim 3, wherein said encryption scheme 
is cipher block chaining (CBC); and further comprising the step of representing an 
initialization vector for the CBC as the secret random vector. 

8. (Original) The method as defined in claim 2, wherein the hidden ciphertext 
blocks from the processing step comprise n + 1 hidden ciphertext blocks each of ^ -bit length, 
where n is the total number of blocks in said set of equal-sized blocks of the padded input 
plaintext string. 

9. (Original) The method as defined in claim 2, further comprising the step of 
generating each of a plurality of the unpredictable elements of said sequence of unpredictable 
elements by combining a different element identifier for each of the unpredictable elements 
and a secret random number. 
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10. (Original) The method as defined in claim 5, further comprising the step of 
generating each of a plurality of the unpredictable elements of said sequence of unpredictable 
elements by combining a different element identifier for each of the unpredictable elements 
and said secret random number. 

11. (Original) The method as defined in claim 5, further comprising the steps of: 
enciphering the secret random number using the block cipher using the secret first 

key; and 

including this enciphered secret random number as one of said output ciphertext 

blocks. 

12. (Original) The method of claim 3, wherein said secret random vector is 
generated by enciphering a secret random number of £ -bits in length, said enciphering using 
said block cipher using a secret second key. 

13. (Original) The method as defined in claim 5, wherein said secret random 
vector is generated by enciphering a variant of said secret random number of £ -bits in length, 
said enciphering using said block cipher using said secret first key. 

14. (Original) The method as defined in claim 13, wherein said variant of said 
secret random number is obtained by adding a constant to said secret random number. 

15. (Original) The method of claim 5, wherein the secret random number is 
provided by a random number generator. 

16. (Original) The method as defined in claim 5, further comprising: 
generating said secret random number by enciphering a count of a counter initialized 

to a constant, said enciphering being performed with the block cipher using the secret first 
key; and 

incrementing said counter by one on every message encryption. 

17. (Original) The method as defined in claim 16, wherein said counter is 
initialized to a constant whose value is the £ -bit representation of negative one. 
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18. (Original) The method as defined in claim 16, comprising: 
initializing said counter to a secret value of £ -bits in length. 

19. (Original) The method as defined in claim 16, further comprising: 
outputting said counter value as an output block of the encryption scheme. 

20. (Original) The method as defined in claim 5, further comprising: 
sharing the secret random number between a sender and a receiver. 

21 . (Original) The method as defined in claim 1, wherein said non-cryptographic 
MDC function is a bit-wise exclusive-or function. 

22. (Original) The method as defined in claim 2, wherein said encryption scheme 
is the CBC scheme of encryption. 

23. (Original) The method as defined in claim 2, wherein said operation that has 

t 

an inverse is the addition modulo 2 . 

24. (Original) The method as defined in claim 2, wherein said operation that has 
an inverse is a bit-wise exclusive-or operation. 

25. (Original) The method as defined in claim 2, wherein said operation that has 

i 

an inverse is the subtraction modulo 2 operation. 

26. (Original) The method as defined in claim 3, further comprising: 
generating said secret random vector from a secret random number of £ -bit length; 

and 

i 

generating each element in said sequence of unpredictable elements by modular 2 
multiplication of a different unique element identifier (i) for each element in the sequence of 
unpredictable elements and said secret random number. 

27. (Original) The method as defined in claim 3, further comprising: 
generating said secret random vector from a secret random number of £ -bit length; 

and 
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generating each element in said sequence of unpredictable elements from the previous 

t 

element by modular 2 addition of said secret random number to the previous element, with a 
first element of said sequence being said secret random number itself. 

28. (Original) A decryption method that is the inverse of an encryption method 
which provides both data confidentiality and integrity, comprising the steps of: 

presenting a string including ciphertext string for decryption; 

partitioning said ciphertext string into a plurality of ciphertext blocks comprising £ - 
bits each; 

selecting n+1 ciphertext blocks from said plurality of ciphertext blocks representing n 
data blocks and one MDC block and performing a reverse randomization function on each of 
the selected n+1 ciphertext blocks to obtain a plurality of hidden ciphertext blocks each of £ - 
bits in length; 

making one and only one processing pass with a single cryptographic primitive that is 
the inverse of an encryption single cryptographic primitive over the plurality of hidden 
ciphertext blocks to obtain a plurality of plaintext blocks comprising £ -bits each; 

verifying integrity of the plaintext blocks using a non-cryptographic Manipulation 
Detection Code (MDC) function; 

outputting the plurality of plaintext blocks as an accurate plaintext string if the 
integrity verification passes; and 

outputting a failure indicator if the integrity verification fails. 

29. (Original) The method as defined in claim 28, wherein performing said 
reverse randomization function comprises: 

deriving a secret random number from said ciphertext string presented for decryption; 

generating a sequence of unpredictable elements each of £ -bit length from said secret 
random number in a same manner as used at the encryption method; 

selecting n+1 ciphertext blocks from said plurality of ciphertext blocks representing n 
data blocks and one MDC block in a same order as that used at the encryption method, and 
combining said selected ciphertext blocks with said sequence of unpredictable elements to 
obtain a plurality of hidden ciphertext blocks, such that each of the n+1 ciphertext blocks 

-8- 

002.1358979.1 



Appl. No. 09/761,771 
Atty. Dkt. No. 068398-0102 

identified by index i is combined with the element of the sequence of unpredictable elements 
identified by index i, by the inverse of an operation used at the encryption method; 

wherein the step of making one and only one processing pass comprises decrypting 
the plurality of hidden ciphertext blocks with the inverse of the block cipher used at an 
encryption method with a first secret key (K), the result of the decryption being a plurality of 
n decrypted plaintext data blocks and one decrypted MDC block each of t -bit length; and 

wherein the verifying integrity step comprises creating an MDC decryption block by 
applying the non-cryptographic Manipulation Detection Code function to the n decrypted 
plaintext data blocks and combining the result with a secret, i -bit random vector, said 
combining operation being the same as a combining operation at the encryption method, and 
said secret random vector being derived from said secret random number in the same manner 
as at the encryption method; and comparing said created MDC decryption block with the 
decrypted MDC block. 

30. (Original) The method of claim 28, further comprising: 

selecting the ciphertext block of a secret random number from said string presented 
for decryption; and 

deciphering the selected ciphertext block to obtain the secret random number. 

3 1 . (Original) The method as defined in claim 30, wherein said deciphering step 
comprises performing the deciphering with the inverse of the said block cipher using the 
secret first key. 

32. (Original) The method of claim 29, further comprising: 

for the encryption method generating a secret random number by enciphering a count 
of a counter initialized to a constant, said enciphering being performed with the block cipher 
using the secret first key; and 

incrementing said counter by one on every message encryption; and 
further comprising for decrypting the ciphertext blocks of the partitioned ciphertext 
string the steps of: 

selecting a counter block representing the count of the counter from said string 
presented at decryption; and 
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enciphering said selected counter block to obtain the secret random number. 

33. (Original) The method as defined in claim 32, wherein the enciphering step 
comprises performing said enciphering with the block cipher using the secret first key. 

34. (Original) The method as defined in claim 28, wherein the string presented for 
decryption is obtained by applying the encryption method that provides both data 
confidentiality and integrity to an input plaintext string, further comprising: 

outputting said input plaintext string. 

35. (Original) A method for parallel encryption processing of a message 
comprising the steps of: 

partitioning said input plaintext string into a plurality of input plaintext segments; 

concurrently presenting each different one of said plurality of input plaintext segments 
to a different one of a plurality of encryption processors, each of said different processors 
using a different £ -bit secret random number per segment to obtain a ciphertext segment 
using an encryption method providing both data confidentiality and integrity with a single 
processing pass over the input plaintext segment and a single cryptographic primitive, and 
using a non-cryptographic Manipulation Detection Code function, wherein said single 
cryptographic primitive is a £ -bit block cipher using a secret first key; 

assembling the plurality of ciphertext segments into a ciphertext string; and 

outputting the ciphertext string. 

36. (Original) The method as defined in claim 35, wherein said assembling step 
comprises including in the ciphertext string the number of ciphertext segments, a ciphertext 
segment index, a length of each ciphertext segment and a sequence of ciphertext segments. 

37. (Original) The method of claim 35, further comprising: 

generating said different £ -bit secret random number per segment from a secret 
random number of £ -bits in length. 
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38. (Original) The method of claim 37, further comprising: 

generating said different secret random number per segment from the secret random 

t 

number of £ -bits by adding modulo 2 a plaintext segment sequence index for that segment 
to the secret random number. 

39. (Original) The method of claim 37, further comprising: 
generating said secret random number of t -bits in length by a random number 

generator; 

enciphering said secret random number with said block cipher using a first key; and 
including the enciphered secret random number as an output block of said output 
ciphertext string. 

40. (Original) The method of claim 37, further comprising: 

generating said secret random number of I -bits in length by enciphering a counter 
initialized to a constant, said enciphering being done with said block cipher using said first 
key; and 

outputting said counter value as an output block of said output ciphertext string; and 
incrementing after every different message encryption said counter by a number equal 
to a number of plaintext segments in the message. 

41 . (Original) A method for parallel decryption processing of a message 
comprising the steps of: 

presenting a string including the ciphertext string of a message for decryption; 
partitioning said ciphertext string into a plurality of ciphertext segments; 
concurrently presenting said plurality of ciphertext segments to a plurality of 
processors; 

obtaining a different secret random number per ciphertext segment from a secret 
random number in the same manner as at a parallel encryption method; 

decrypting each ciphertext segment using said different secret random number per 
ciphertext segment to obtain a plaintext segment, using a decryption method that is the 
inverse of an encryption method used in the parallel encryption method that provides both 
data confidentiality and integrity with a single processing pass over the input plaintext 
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segment and a single cryptographic primitive, wherein said single cryptographic primitive is a 
(. -bit block cipher using a secret first key, and using a non-cryptographic Manipulation 
Detection Code function for verifying integrity of the plaintext blocks of each plaintext 
segment; 

assembling the plurality of plaintext segments into a plaintext string; and 
verifying the integrity of the plaintext segments and their sequence and outputting the 
plaintext string if the integrity verification passes. 

42. (Original) The method as defined in claim 41, further comprising outputting a 
failure indicator if the integrity verification fails for at least one segment. 

43. (Original) The method of claim 41 , further comprising: 

selecting a ciphertext block of the secret random number from said string presented 
for decryption; 

deciphering the selected ciphertext block to obtain the secret random number. 

44. (Original) The method as defined in claim 43, performing said deciphering 
step with the inverse of a block cipher using a secret first key, said block cipher and said 
secret first key being the same as to those used at the message encryption method using the 
plurality of processors. 

45. (Original) The method of claim 41, further comprising: 

for the parallel encryption method generating said secret random number of £ -bits in 
length by enciphering a counter initialized to a constant, said enciphering being done with 
said block cipher using said first key; and 

incrementing after every different message encryption said counter by a number equal 
to a number of plaintext segments in the message; and 

further comprising for decryption of the ciphertext segments of the partitioned 
ciphertext string the steps of: 

selecting a counter block holding the count of the counter from said string presented 
for decryption; 

enciphering the selected counter block to obtain said secret random number. 
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46. (Original) The method as defined in claim 45, wherein said enciphering the 
counter block step comprises enciphering with the block cipher using the same key as that 
used for encryption using a plurality of processors. 

47. (Original) An encryption program product for providing both data 
confidentiality and integrity for a message, comprising: 

first code for receiving an input plaintext string comprising a message and padding it 
as necessary such that its length is a multiple of £ -bits; 

second code for partitioning the padded input plaintext string into a plurality of equal- 
size blocks of £ -bits in length; 

third code for creating an MDC block of £ -bits in length that includes the result of 
applying a non-cryptographic Manipulation Detection Code (MDC) function to the plurality 
of said equal-size blocks; 

fourth code for making one and only one processing pass with a single cryptographic 
primitive over each of the said equal-size blocks and the MDC block to create a plurality of 
hidden ciphertext blocks each of £ -bits in length; and 

fifth code for performing a randomization function over said plurality of hidden 
ciphertext blocks to create a plurality of output ciphertext blocks each of £ -bits in length. 

48. (Original) The program product as defined in claim 47, comprising: 
wherein said fourth code for making one and only one processing pass step comprises 

code for processing each of said equal-size blocks and the MDC block by an encryption 
scheme that is confidentiality-secure against chosen-plaintext attacks, wherein each of said 
equal-size blocks and the MDC block is processed by a block cipher using a first secret key 
(K) to obtain said plurality of hidden ciphertext blocks; and 

wherein said fifth code for performing a randomization function comprises code for 
combining each of said hidden ciphertext blocks with a corresponding element of a sequence 
of unpredictable elements to create a set of output blocks of the ciphertext, wherein a hidden 
ciphertext block identified by an index i is combined with the element of the sequence 
identified by index i by an operation that has an inverse. 
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49. (Original) The program product as defined in claim 48, wherein said third 
code for creating an MDC block step comprises: 

code for applying the non-cryptographic MDC function to the partitioned plaintext 
blocks; and 

code for combining the result with a secret, £ -bit random vector generated on a per- 
message basis to obtain said MDC block. 

50. (Original) A decryption program product that is the inverse of the encryption 
program product which provides both data confidentiality and integrity, comprising: 

first code for presenting a string including ciphertext string for decryption; 

second code for partitioning said ciphertext string into a plurality of ciphertext blocks 
comprising t -bits each; 

third code for selecting n+1 ciphertext blocks from said plurality of ciphertext blocks 
representing n data blocks and one MDC block and performing a reverse randomization 
function on each of the selected n+1 ciphertext blocks to obtain a plurality of hidden 
ciphertext blocks each of I -bits in length; 

fourth code for making one and only one processing pass with a single cryptographic 
primitive that is the inverse of an encryption single cryptographic primitive over the plurality 
of hidden ciphertext block to obtain a plurality of plaintext blocks comprising t -bits each; 

fifth code for verifying integrity of the plaintext blocks using a non-cryptographic 
Manipulation Detection Code (MDC) function; and 

sixth code for outputting the plurality of plaintext blocks as an accurate plaintext 
string if the integrity verification passes; and 

seventh code for outputting a failure indicator if the integrity verification fails. 

51. (Original) The program product as defined in claim 50, wherein said third 
code for performing said reverse randomization function comprises: 

code for deriving a secret random number from said ciphertext string presented for 
decryption; 

code for generating a sequence of unpredictable elements each of I -bit length from 
said secret random number in the same manner as used at an encryption program product; 
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code for selecting n+1 ciphertext blocks from said plurality of ciphertext blocks 
representing n data blocks and one MDC block in the same order as that used at an encryption 
program product, and combining said selected ciphertext blocks with said sequence of 
unpredictable elements to obtain a plurality of hidden ciphertext blocks (zO, such that each of 
the n+1 ciphertext blocks identified by index i is combined with the element of the sequence 
of unpredictable elements identified by index i, by the inverse of said operation used at the 
encryption program product; 

wherein said fourth code for making one and only one processing pass comprises code 
for decrypting the plurality of hidden ciphertext blocks with the inverse of the block cipher 
used at an encryption program product with a first secret key (K), the result of the decryption 
being a plurality of n decrypted plaintext data blocks and one decrypted MDC block each of 
£ -bit length; and 

wherein said fifth code for verifying integrity step comprises code for creating an 
MDC decryption block by applying the non-cryptographic Manipulation Detection Code 
function to the n decrypted plaintext data blocks and combining the result with a secret, £ -bit 
random vector , said combining operation being the same as the combining operation at the 
encryption program product, and said secret random vector being derived from said secret 
random number in the same manner as at the encryption program product; and comparing 
said created MDC decryption block with the decrypted MDC block. 

52. (Original) An encryption system for providing both data confidentiality and 
integrity for a message, comprising: 

a first component for receiving an input plaintext string comprising a message and 
padding it as necessary such that its length is a multiple of £ -bits; 

a second component for partitioning the padded input plaintext string into a plurality 
of equal-size blocks of £ -bits in length; 

a third component for creating an MDC block of £ -bits in length that includes the 
result of applying a non-cryptographic Manipulation Detection Code (MDC) function to the 
plurality of said equal-size blocks; 
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a fourth component for making one and only one processing pass with a single 
cryptographic primitive over each of the said equal-size blocks and the MDC block to create a 
plurality of hidden ciphertext blocks each of £ -bits in length; and 

a fifth component for performing a randomization function over said plurality of 
hidden ciphertext blocks to create a plurality of output ciphertext blocks each of £ -bits in 
length. 

53. (Original) The system as defined in claim 52, wherein said fourth component 
for making one and only one processing pass step comprises a component for processing each 
of said equal-size blocks and the MDC block by an encryption scheme that is confidentiality- 
secure against chosen-plaintext attacks, wherein each of said equal-size blocks and the MDC 
block is processed by a block cipher using a first secret key to obtain said plurality of hidden 
ciphertext blocks; and 

wherein said fifth component for performing a randomization function comprises a 
component for combining each of said hidden ciphertext blocks with a corresponding element 
of a sequence of unpredictable elements to create a set of output blocks of the ciphertext, 
wherein a hidden ciphertext block identified by an index i is combined with the element of 
the sequence identified by index i by an operation that has an inverse. 

54. (Original) The system as defined in claim 53, wherein said third component 
for creating an MDC block step comprises: 

a component for applying the non-cryptographic MDC function to the partitioned 
plaintext blocks; and 

a component for combining the result with a secret, £ -bit random vector generated on 
a per-message basis to obtain said MDC block. 

55. (Original) A decryption system that is the inverse of the encryption system 
which provides both data confidentiality and integrity, comprising: 

a first component for presenting a string including ciphertext string for decryption; 
a second component for partitioning said ciphertext string into a plurality of ciphertext 
blocks comprising £ -bits each; 



-16- 

002.1358979.1 



Appl. No. 09/761,771 
Atty. Dkt. No. 068398-0102 

a third component for selecting n+1 ciphertext blocks from said plurality of ciphertext 
blocks representing n data blocks and one MDC block and performing a reverse 
randomization function on each of the selected n+1 ciphertext blocks to obtain a plurality of 
hidden ciphertext blocks each of £ -bits in length; 

a fourth component for making one and only one processing pass with a single 
cryptographic primitive that is the inverse of an encryption single cryptographic primitive 
over the plurality of hidden ciphertext block to obtain a plurality of plaintext blocks 
comprising £ -bits each; 

a fifth component for verifying integrity of the plaintext blocks using a non- 
cryptographic Manipulation Detection Code (MDC) function; and 

a sixth component for outputting the plurality of plaintext blocks as an accurate 
plaintext string if the integrity verification passes; and 

a seventh component for outputting a failure indicator if the integrity verification fails. 

56. (Original) The system as defined in claim 55, wherein said third component 
for performing said reverse randomization function comprises: 

a component for deriving a secret random number from said ciphertext string 
presented for decryption; 

a component for generating a sequence of unpredictable elements each of £ -bit length 
from said secret random number in the same manner as used at an encryption system; 

a component for selecting n+1 ciphertext blocks from said plurality of ciphertext 
blocks representing n data blocks and one MDC block in the same order as that used at an 
encryption system, and combining said selected ciphertext blocks with said sequence of 
unpredictable elements to obtain a plurality of hidden ciphertext blocks, such that each of the 
n+1 ciphertext blocks identified by index i is combined with the element of the sequence of 
unpredictable elements identified by index i, by the inverse of said operation used at the 
encryption system; 

wherein said fourth component for making one and only one processing pass 
comprises a component for decrypting the plurality of hidden ciphertext blocks with the 
inverse of the block cipher used at an encryption system with a first secret key (K), the result 
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of the decryption being a plurality of n decrypted plaintext data blocks and one decrypted 
MDC block each of £ -bit length; and 

wherein said fifth component for verifying integrity step comprises a component for 
creating an MDC decryption block by applying the non-cryptographic Manipulation 
Detection Code function to the n decrypted plaintext data blocks and combining the result 
with a secret, i -bit random vector, said combining operation being the same as the 
combining operation at the encryption system, and said secret random vector being derived 
from said secret random number in the same manner as at the encryption system; and 
comparing said created MDC decryption block with the decrypted MDC block. 

57. (Original) A program product for parallel encryption processing of a message 
comprising: 

first code for partitioning said input plaintext string into a plurality of input plaintext 
segments; 

second code for concurrently presenting each different one of said plurality of input 
plaintext segments to a different one of a plurality of encryption processors, each of said 
different processors using a different £ -bit secret random number per segment to obtain a 
ciphertext segment using an encryption code providing both data confidentiality and integrity 
with a single processing pass over the input plaintext segment and a single cryptographic 
primitive, and using a non-cryptographic Manipulation Detection Code function, wherein said 
single cryptographic primitive is a £ -bit block cipher using a secret first key; 

third code for assembling the plurality of ciphertext segments into a ciphertext string; 

and 

fourth code for outputting the ciphertext string. 

58. (Original) The program product as defined in claim 57, wherein said third 
code for assembling comprises code for including in the ciphertext string the number of 
ciphertext segments, a ciphertext segment index, a length of each ciphertext segment and a 
sequence of ciphertext segments. 

59. (Original) A program product for parallel decryption processing of a message 
comprising: 
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first code for presenting a string including the ciphertext string of a message for 
decryption; 

second code for partitioning said ciphertext string into a plurality of ciphertext 
segments; 

third code for concurrently presenting said plurality of ciphertext segments to a 
plurality of processors; 

fourth code for obtaining a different secret random number per ciphertext segment 
from a secret random number in the same manner as at the parallel encryption program 
product; 

fifth code for decrypting each ciphertext segment using said different secret random 
number per ciphertext segment to obtain a plaintext segment, using a decryption method that 
is the inverse of an encryption method used in the parallel encryption method that provides 
both data confidentiality and integrity with a single processing pass over the input plaintext 
segment and a single cryptographic primitive, wherein said single cryptographic primitive is a 
I -bit block cipher using a secret first key, and using a non-cryptographic Manipulation 
Detection Code function for verifying integrity of the plaintext blocks of each plaintext 
segment; 

sixth code for assembling the plurality of plaintext segments into a plaintext string; 

and 

seventh code for verifying the integrity of the plaintext segments and their sequence 
and outputting the plaintext string if the integrity verification passes. 

60. (Original) The program product as defined in claim 59, further comprising 
code for outputting a failure indicator if the integrity verification fails for at least one 
segment. 

61. (Original) A system for parallel encryption processing of a message 
comprising: 

a first component for partitioning said input plaintext string into a plurality of input 
plaintext segments; 
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a second component for concurrently presenting each different one of said plurality of 
input plaintext segments to a different one of a plurality of encryption processors, each of said 
different processors using a different £ -bit secret random number per segment to obtain a 
ciphertext segment using an encryption component providing both data confidentiality and 
integrity with a single processing pass over the input plaintext segment and a single 
cryptographic primitive, and using a non-cryptographic Manipulation Detection Code 
function, wherein said single cryptographic primitive is a £ -bit block cipher using a secret 
first key; 

a third component for assembling the plurality of ciphertext segments into a ciphertext 
string; and 

a fourth component for outputting the ciphertext string. 

62. (Original) The system as defined in claim 61, wherein said third component 
for assembling comprises a component for including in the ciphertext string the number of 
ciphertext segments, a ciphertext segment index, a length of each ciphertext segment and a 
sequence of ciphertext segments. 

63. (Original) A system for parallel decryption processing of a message 
comprising: 

a first component for presenting a string including the ciphertext string of a message 
for decryption; 

a second component for partitioning said ciphertext string into a plurality of ciphertext 
segments; 

a third component for concurrently presenting said plurality of ciphertext segments to 
a plurality of processors; 

a fourth component for obtaining a different secret random number per ciphertext 
segment from a secret random number in the same manner as at the parallel encryption 
system; 

a fifth component for decrypting each ciphertext segment using said different secret 
random number per ciphertext segment to obtain a plaintext segment, using a decryption 
method that performs the inverse operation of an encryption method used in the parallel 
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encryption method that provides both data confidentiality and integrity with a single 
processing pass over the input plaintext segment and a single cryptographic primitive, 
wherein said single cryptographic primitive is a £ -bit block cipher using a secret first key, 
and using a non-cryptographic Manipulation Detection Code function for verifying integrity 
of the plaintext blocks of each plaintext segment; 

a sixth component for assembling the plurality of plaintext segments into a plaintext 
string; and 

a seventh component for verifying the integrity of the plaintext segments and their 
sequence and outputting the plaintext string if the integrity verification passes. 

64. (Original) The system as defined in claim 63, further comprising a component 
for outputting a failure indicator if the integrity verification fails for at least one segment. 

65. (Previously presented) An encryption method for providing both data 
confidentiality and integrity for a message, comprising the steps of: 

receiving an input plaintext string comprising a message; 

generating a plurality of equal-sized blocks of t -bits in length from the input plaintext 

string; 

creating an MDC block of I -bits in length that includes the result of applying a non- 
cryptographic Manipulation Detection Code (MDC) function to the plurality of the equal- 
sized blocks; 

making one and only one processing pass with a single cryptographic primitive over 
each of said equal-sized blocks and the MDC block to create a plurality of hidden ciphertext 
blocks each of £ -bits in length; and 

performing a randomization function over said plurality of hidden ciphertext blocks to 
create a plurality of output ciphertext blocks each of t -bits in length. 

66. (Previously presented) The method as defined in claim 65, 

wherein said making one and only one processing pass step comprises processing each 
of said equal-sized blocks and the MDC block by an encryption scheme that is 
confidentiality-secure against chosen-plaintext attacks, wherein each of said equal-sized 
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blocks and the MDC block is processed by a block cipher using a first secret key to obtain 
said plurality of hidden ciphertext blocks; and 

wherein said performing a randomization function step comprises combining each of 
said hidden ciphertext blocks with a corresponding element of a sequence of unpredictable 
elements to create a set of output blocks of the ciphertext, wherein a hidden ciphertext block 
identified by an index i is combined with the element of the sequence identified by index i by 
an operation that has an inverse. 

67. (Previously presented) The method as defined in claim 65, wherein said 
generating a plurality of equal-sized blocks of £ -bits in length from the input plaintext string 
further comprises the steps of: 

padding the input plaintext string as necessary such that its length is a multiple of £ - 
bits; and 

partitioning the padded input plaintext string into a plurality of equal-size blocks of £ - 
bits in length. 

68. (Previously presented) The method as defined in claim 67, wherein said 
padding of the input plaintext string is a standard padding method. 

69. (Previously presented) The method as defined in claim 66, 

wherein the result of the combination of any two different unpredictable elements of 
the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 
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70. (Previously presented) The method as defined in claim 2, 

wherein the result of the combination of any two different unpredictable elements of 
the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 

71 . (Previously presented) A program product for an encryption method for 
providing both data confidentiality and integrity for a message, including machine-readable 
code for causing a machine to perform the following method steps: 

receiving an input plaintext string comprising a message; 

generating a plurality of equal-sized blocks of i -bits in length from the input plaintext 

string; 

creating an MDC block of I -bits in length that includes the result of applying a non- 
cryptographic Manipulation Detection Code (MDC) function to the plurality of the equal- 
sized blocks; 

making one and only one processing pass with a single cryptographic primitive over 
each of said equal-sized blocks and the MDC block to create a plurality of hidden ciphertext 
blocks each of t -bits in length; and 

performing a randomization function over said plurality of hidden ciphertext blocks to 
create a plurality of output ciphertext blocks each of I -bits in length. 

72. (Previously presented) The program product defined in claim 71, wherein the 
program code for causing the performance of the step of making one and only one processing 
pass step comprises processing each of said equal-sized blocks and the MDC block by an 
encryption scheme that is confidentiality-secure against chosen-plaintext attacks, wherein 
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each of said equal-sized blocks and the MDC block is processed by a block cipher using a 
first secret key to obtain said plurality of hidden ciphertext blocks; and 

wherein the program code for causing the performing a randomization function step 
comprises combining each of said hidden ciphertext blocks with a corresponding element of a 
sequence of unpredictable elements to create a set of output blocks of the ciphertext, wherein 
a hidden ciphertext block identified by an index i is combined with the element of the 
sequence identified by index i by an operation that has an inverse. 

73. (Previously presented) The program product defined in claim 71, wherein the 
program code for performing said step of generating a plurality of equal-sized blocks of I - 
bits in length from the input plaintext string further comprises code for performing the steps 
of: 

padding the input plaintext string as necessary such that its length is a multiple of £ - 
bits; and 

partitioning the padded input plaintext string into a plurality of equal-size blocks of I - 
bits in length. 

74. (Previously presented) The program product defined in claim 73, 
wherein the program code for performing said step of padding of the input plaintext 

string comprises code for performing a standard padding method. 

75. (Previously presented) The program product defined in claim 72, 
wherein the result of the combination of any two different unpredictable elements of 

the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 
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76. (Previously presented) The program product defined in claim 48, 
wherein the result of the combination of any two different unpredictable elements of 

the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 

77. (Previously presented) An encryption system for providing both data 
confidentiality and integrity for a message, comprising: 

a first component for receiving an input plaintext string comprising a message; 

a second component for generating a plurality of equal-sized blocks of £ -bits in 
length from the input plaintext string; 

a third component for creating an MDC block of I -bits in length that includes the 
result of applying a non-cryptographic Manipulation Detection Code (MDC) function to the 
plurality of the equal-sized blocks; 

a fourth component for making one and only one processing pass with a single 
cryptographic primitive over each of said equal-sized blocks and the MDC block to create a 
plurality of hidden ciphertext blocks each of I -bits in length; and 

a fifth component for performing a randomization function over said plurality of 
hidden ciphertext blocks to create a plurality of output ciphertext blocks each of t -bits in 
length. 

78. (Previously presented) The system as defined in claim 77, 
wherein said fourth component for making one and only one processing pass 

comprises a component for processing each of said equal-size blocks and the MDC block by 
an encryption scheme that is confidentiality-secure against chosen-plaintext attacks, wherein 
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each of said equal-sized blocks and the MDC block is processed by a block cipher using a 
first secret key to obtain said plurality of hidden ciphertext blocks; and 

wherein fifth component for performing a randomization function comprises a 
component for combining each of said hidden ciphertext blocks with a corresponding element 
of a sequence of unpredictable elements to create a set of output blocks of the ciphertext, 
wherein a hidden ciphertext block identified by an index i is combined with the element of 
the sequence identified by index i by an operation that has an inverse. 

79. (Previously presented) The system as defined in claim 77, wherein said 
second component for generating a plurality of equal-sized blocks of I -bits in length from 
the input plaintext string further comprises components for 

padding the input plaintext string as necessary such that its length is a multiple of £ - 
bits; and 

partitioning the padded input plaintext string into a plurality of equal-size blocks of £ - 
bits in length. 

80. (Previously presented) The system as defined in claim 79, wherein the said 
component for padding of the input plaintext string comprises a component for a standard 
padding method. 

81. (Previously presented) The system as defined in claim 78, 

wherein the result of the combination of any two different unpredictable elements of 
the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 
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82. (Previously presented) The system as defined in claim 53, 

wherein the result of the combination of any two different unpredictable elements of 
the sequence of unpredictable elements by the inverse operation of the operation to create a 
set of output blocks of the ciphertext is unpredictable; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of the same sequence of unpredictable elements used for the 
encryption of said plaintext string; and 

wherein said unpredictable elements selected as said two unpredictable elements are 
any two different elements of a plurality of sequences of unpredictable elements used for 
encryption of a plurality of plaintext strings with the same secret key K. 
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